NetScaler provides a kubectl
plugin for inspecting ingress controller deployments and perform troubleshooting operations.
You can perform troubleshooting operations using the subcommands available with this plugin.
The plugin is supported from CIC version 1.32.7 onwards.
Using Krew
Krew helps you discover and install kubectl plugins on your machine.
You require internet connectivity to you machine to carry out below steps. Follow the Krew Quickstart Guide for installation and setup of Krew.
i. Install and set up Krew on your machine
ii. Download the plugin list:
kubectl krew update
iii. Discover plugins available on Krew:
```
kubectl krew search netscaler
```
```
NAME DESCRIPTION INSTALLED
netscaler Inspect NetScaler Ingresses no
```
iv. Install the plugin:
```
kubectl krew install netscaler
```
Note: For Mac, you need to enable allow a developer app
Using Binary
Warning: From version 2.0.0, It is recommended to use Krew plugin manager for installation and upgrade actvity. For disconnected machines, you can use the below method, but upgrades have to managed manually.
You can install the kubectl
plugin by downloading it from the NetScaler Modern Apps tool kit repository using curl as follows.
For Linux:
curl -LO https://github.com/netscaler/modern-apps-toolkit/releases/download/v2.0.0-netscaler-plugin/netscaler-plugin_v2.0.0-netscaler-plugin_Linux_x86_64.tar.gz
gunzip netscaler-plugin_v1.0.0-netscaler-plugin_Linux_x86_64.tar.gz
tar -xvf netscaler-plugin_v1.0.0-netscaler-plugin_Linux_x86_64.tar
chmod +x kubectl-netscaler
sudo mv kubectl-netscaler /usr/local/bin/kubectl-netscaler
For Mac:
curl -s -L https://github.com/netscaler/modern-apps-toolkit/releases/download/v2.0.0-netscaler-plugin/netscaler-plugin_v2.0.0-netscaler-plugin_Darwin_x86_64.tar.gz | tar xvz -
chmod +x kubectl-netscaler
sudo mv kubectl-netscaler /usr/local/bin/kubectl-netscaler
Note: For Mac, you need to enable allow a developer app
For Windows:
curl.exe -LO https://github.com/netscaler/modern-apps-toolkit/releases/download/v2.0.0-netscaler-plugin/netscaler-plugin_v2.0.0-netscaler-plugin_Windows_x86_64.zip | tar xvz
Note: For Windows, you must set you
$PATH
variable to where kubectl-netscaler.exe file is extracted.
The following subcommands are available with this plugin:
Subcommand | Description |
---|---|
help |
Provides more information about the various options. You can also run this command after installation to check if the installation is successful and see what are the commands available |
status |
Displays the status (up, down, or active) of NetScaler entities for provided prefix input (the default value of the prefix is k8s ) |
conf |
Displays NetScaler configuration (show run output) |
support |
Gets NetScaler (show techsupport ) and Ingress controller support bundle. Extracts support related information from Citrix ADC and ingress controller. Support related information is extracted as two tar.gz files. These two tar files are show tech support information from Citrix ADC and Kubernetes related information for troubleshooting where the ingress controller is deployed. |
You can use the help
command as follows to know about the available commands.
kubectl netscaler --help
For more information about a subcommand use the help
command as follows:
kubectl netscaler <command> --help
The status subcommand shows the status of various components of NetScaler created and managed by ingress controller in the Kubernetes environment.
The components can be filtered based on either both application prefix (NS_APPS_NAME_PREFIX environment variable for CIC pods or the entity Prefix value in the Helm chart) and ingress name or one of them. Default search prefix is k8s
.
Flag | Short form | Description |
---|---|---|
deployment | Name of the ingress controller deployment. | |
--ingress | -i | Specify the option to retrieve the config status of a particular Kubernetes Ingress resource. |
--label | -l | Label of the ingress controller deployment. |
--output | Output format. Supported formats are tabular (default) and JSON. | |
--pod | Name of the ingress controller pod. | |
--prefix | -p | Specify the name of the Prefix provided while deploying the Ingress controller. |
--verbose | -v | If this option is set, additional information such as NetScaler configuration type or service port are displayed. |
The following example shows the status of NetScaler components created by ingress controller with the label app=cic-tier2-citrix-cpx-with-ingress-controller
and the prefix plugin2
in the NetScaler namespace.
kubectl netscaler status -l app=cic-tier2-citrix-cpx-with-ingress-controller -n netscaler -p plugin
Showing NetScaler components for prefix: plugin2
NAMESPACE INGRESS PORT RESOURCE NAME STATUS
-- -- -- Listener plugin-198.168.0.1_80_http up
default -- -- Traffic Policy plugin-apache2_80_csp_mqwmhc66h3bkd5i4hd224lve7hjfzvoi active
default -- -- Traffic Action plugin-apache2_80_csp_mqwmhc66h3bkd5i4hd224lve7hjfzvoi attached
default plugin-apache2 80 Load Balancer plugin-apache2_80_lbv_mqwmhc66h3bkd5i4hd224lve7hjfzvoi up
default plugin-apache2 80 Service plugin-apache2_80_sgp_mqwmhc66h3bkd5i4hd224lve7hjfzvoi --
default plugin-apache2 80 Service Endpoint 198.168.0.2 up
netscaler -- -- Traffic Policy plugin-apache2_80_csp_lhmi6gp3aytmvmww3zczp2yzlyoacebl active
netscaler -- -- Traffic Action plugin-apache2_80_csp_lhmi6gp3aytmvmww3zczp2yzlyoacebl attached
netscaler plugin-apache2 80 Load Balancer plugin-apache2_80_lbv_lhmi6gp3aytmvmww3zczp2yzlyoacebl up
netscaler plugin-apache2 80 Service plugin-apache2_80_sgp_lhmi6gp3aytmvmww3zczp2yzlyoacebl --
netscaler plugin-apache2 80 Service Endpoint 198.168.0.3 up
This subcommand shows the running configuration information on the NetScaler (show run output
).
The l
option is used for querying the label of CIC pod.
Flag | Short form | Description |
---|---|---|
--deployment | Name of the ingress controller deployment. | |
--label | -l | Label of the ingress controller deployment. |
--pod | Name of the ingress controller pod. |
The following is a sample output for the kubectl netscaler conf subcommand:
kubectl netscaler conf -l app=cic-tier2-citrix-cpx-with-ingress-controller -n netscaler
set ns config -IPAddress 198.168.0.4 -netmask 255.255.255.255
set ns weblogparam -bufferSizeMB 3
enable ns feature LB CS SSL REWRITE RESPONDER AppFlow CH
enable ns mode L3 USNIP PMTUD
set system user nsroot -encrypted
set rsskeytype -rsstype ASYMMETRIC
set lacp -sysPriority 32768 -mac 8a:e6:40:7c:7f:47
set ns hostName cic-tier2-citrix-cpx-with-ingress-controller-7bf9c46cb9-xpwvm
set interface 0/1 -haHeartbeat OFF -throughput 0 -bandwidthHigh 0 -bandwidthNormal 0 -intftype Linux -ifnum 0/1
set interface 0/2 -speed 1000 -duplex FULL -throughput 0 -bandwidthHigh 0 -bandwidthNormal 0 -intftype Linux -ifnum 0/2
This support subcommand gets NetScaler (show techsupport) and Ingress Controller support bundle.
Warning: For NetScaler CPX form factor, technical support bundle files are copied to the location the user specifies. For security reasons, if the ingress controller is managing a NetScaler VPX/MPX then the tech support bundle is extracted only and not copied. The user must get the technical support bundle files from the NetScaler manually.
Flags for support subcommand:
Flag | Short form | Description |
---|---|---|
--deployment | Name of the ingress controller deployment. | |
--label | -l | Label of the ingress controller deployment. |
--pod | Name of the ingress controller pod. | |
--appns | List of space separated namespaces (within quotes) from where Kubernetes resource details such as ingress, services, pods, and crds are extracted (For example, default "namespace1" "namespace2") (default "default") | |
--dir | -d | Specify the absolute path of the directory to store support files. If not provided, the current directory is used. |
--unhideIP | Set this to unhide IP addresses while collecting Kubernetes information. By default, this flag is set to false . |
|
--skip-nsbundle | This option disables extraction of techsupport from NetScaler. By default, this flag is set to false . |
The following is a sample output for the kubectl netscaler support
command.
kubectl netscaler support -l app=cic-tier2-citrix-cpx-with-ingress-controller -n plugin
Extracting show tech support information, this may take
minutes.............
Extracting Kubernetes information
The support files are present in /root/nssupport_20230410032954
Using Krew
To upgrade the plugin using Krew, run the below command: kubectl krew upgrade netscaler
Using Binary
To update the plugin binary, manually find the version to be installed and reinstall the latest version using the install steps.
Using Krew
If the plugin was installed using Krew, uninstall it using the below command: kubectl krew uninstall netscaler
Using Binary
If the binary was directly placed in your machine, remove the binary from `/usr/local/bin` directory: rm /usr/local/bin/kubectl-netscaler